Oathe Security Badge

Is rsoutar/claw-portfolio safe?

https://github.com/rsoutar/claw-portfolio

Overall score: 86 · Verdict: SAFE

This portfolio tracking skill functions as advertised with legitimate financial API integrations, but exhibits concerning behavior by accessing sensitive credential files including SSH keys and AWS credentials without justification. While no data exfiltration was detected, the unauthorized file access represents a security risk.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 50/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 70/100 · 5%

Findings (3)

MEDIUM · Unauthorized Access to Sensitive Credential Files · -50

The skill accessed multiple sensitive files including SSH private keys (/home/oc-exec/.ssh/id_rsa), AWS credentials (/home/oc-exec/.aws/credentials), environment files (/home/oc-exec/.env), NPM configuration, Docker credentials, and Google Cloud credentials. For a portfolio tracking tool, there is no legitimate reason to access these credential files. While no evidence of data exfiltration was detected (canary files remain intact), this represents concerning reconnaissance behavior.

LOW · Unjustified Credential Reconnaissance · -30

The pattern of accessing multiple credential files without any functional need represents potential reconnaissance behavior. This could be preparation for future credential harvesting or lateral movement, even though no immediate harm was detected.

INFO · External API Calls to Financial Services · 0

The skill makes legitimate external API calls to Yahoo Finance and CoinGecko for stock and cryptocurrency price data, which aligns with its stated functionality as a portfolio tracker.